|
PureBytes Links
Trading Reference Links
|
On 13-DEC-01, Microsoft posted a Security Bulletin about a new security vulnerablity with IE 5, IE 6 and Outlook. In short, ....
1. A malicious web page could force your computer to download files and install them without your knowledge, automatically.
2. A web page could pop up a dialog box displaying a message that you are about to download a file with a phony filename. This way the surfer may think he is downloading readme.txt, while the real filename is virus.exe
3. The source of the file can be blocked out, preventing you from knowing where the souce file is located.
4. This vulnerability can also be exploited through Microsoft Outlook (which uses IE to display HTML e-mails). Simply previewing an HTML e-mail in Outlook is enough to allow a hacker to install arbitrary code onto your system.
For more information, go here ....
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS01-058.asp
If you are running IE 5.5 or 6, you can get the Microsoft patch here ...
http://www.microsoft.com/windows/ie/downloads/critical/q313675/default.asp
- Mark Jurik
|